[Bro] Filtering PacketFilter::Dropped_Packets
Seth Hall
seth at icir.org
Tue Apr 17 04:34:17 PDT 2012
On Apr 16, 2012, at 8:18 PM, Martin Holste wrote:
> But I'm still getting a ton of "PacketFilter::Dropped_Packets" to notice.log.
> What do I need to do to disable these messages?
Notice processing docs:
http://www.bro-ids.org/documentation/notice.html
You can use the notice ignore shortcut because you want to completely ignore a notice type:
http://www.bro-ids.org/documentation/notice.html#id7
redef Notice::ignored_types += { PacketFilter::Dropped_Packets };
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the Bro
mailing list